Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0864

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-0864
Last Modified 07 Mar 2011 09:30:56
Published 23 Feb 2006 06:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0864

Summary

filescan in Global Hauri ViRobot 2.0 20050817 does not verify the Cookie HTTP header, which allows remote attackers to gain administrative privileges via an arbitrary cookie value.

Vulnerable Systems

Application

  • Hauri Virobot 2.0 2005-08-17


References

MISC - http://x82.inetcop.org/h0me/adv1sor1es/INCSA.2006-0x82-028-VIROBOT.txt

VUPEN - ADV-2006-0691

BID - 16768

BUGTRAQ - 20060222 [INetCop Security Advisory] Global Hauri Virobot cookie exploit

SECUNIA - 18974

XF - virobot-filescan-auth-bypass(24850)

SECTRACK - 1015658


Last Updated: 27 May 2016 10:41:50